facebook rss twitter

Microsoft gives early Christmas present with record patch Tuesday

by Pete Mason on 16 December 2010, 12:00

Tags: Windows Vista, Windows 7, Office 2007, Microsoft (NASDAQ:MSFT)

Quick Link: HEXUS.net/qa3mm

Add to My Vault: x

The second Tuesday of the month - commonly known as Patch Tuesday - was this week, and so Microsoft issued its monthly collection of updates.

This was no ordinary Patch Tuesday, though. The software giant issued 17 different updates for Windows, Office, Internet Explorer, Sharepoint and Exchange which fixed 40 different security flaws. Of those 17, two were rated as 'Critical' - one was for Windows Vista and Windows 7, and the other was for Internet Explorer 6, 7 and 8 - with 14 rated 'Important' and one 'Moderate'.

As a result, December one of the biggest ever months for patching security vulnerabilities and constituted almost 40 per cent of the number of fixes for the year. The total currently sits at 106 holes plugged, making 2010 Microsoft's biggest year for security updates.

Of course, this doesn't necessarily mean that the company's products are getting less safe - at least, not according to Microsoft Security Response Centre's Mike Reavey. As well as a growing portfolio of products with a support life-cycle of up to ten years, Reavey explained that the nature of vulnerability reporting is evolving.

"Vulnerability research methodologies...change and improve constantly. Older products meeting newer attack methods, coupled with overall growth in the vulnerability marketplace, result in more vulnerability reports. Meanwhile, the percentage of vulnerabilities reported to us cooperatively continues to remain high at around 80 percent; in other words, for most vulnerabilities we're able to release a comprehensive security update before the issue is broadly known".

One of the updates also closes the last of the Stuxnet-related issues that have been causing such problems around the world. More information on all of the updates can be found on the MSRC blog, and they should be pushed to Windows users soon, if they haven't been already.

HEXUS Forums :: 0 Comments

Login with Forum Account

Don't have an account? Register today!
Log in to be the first to comment!